package org.cagui.core;

import java.io.FileOutputStream;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Security;
import java.security.SignatureException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Hashtable;

import javax.security.auth.x500.X500Principal;

import org.bouncycastle.asn1.x509.X509Name;
import org.bouncycastle.jce.PKCS10CertificationRequest;
import org.bouncycastle.jce.X509Principal;

public class CsrManager {
	
	public static final String defaultCsrPath = "./csr/";
	
	@SuppressWarnings({ "deprecation", "rawtypes" })
	public void generateCertificationRequest(CertificateParams params) throws NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException, IOException{
		KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");  
	    keyPairGenerator.initialize(params.getRsaKeyLength());  
	    
	    KeyPair pair = keyPairGenerator.generateKeyPair();  
	    System.out.println("New KeyPair generated.");
	    

	    /*
        CN      CommonName
        L       LocalityName
        ST      StateOrProvinceName
        O       OrganizationName
        OU      OrganizationalUnitName
        C       CountryName
        STREET  StreetAddress
  		*/
	    
	    Hashtable attrs = new Hashtable();
	    attrs.put(X509Principal.CN, params.getAlias());
	    attrs.put(X509Principal.C, params.getCountry());
	    attrs.put(X509Principal.O, params.getOrganizationName());
	    attrs.put(X509Principal.ST, params.getState());

	    X509Name subject = new X509Name(attrs); 
	    
	    Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());

	    System.out.println("Added BouncyCastle Provider to Security.");

	    PKCS10CertificationRequest kpGen = new PKCS10CertificationRequest(
	    													  "SHA1withRSA",
	    													  subject,
	                                                          pair.getPublic(),
	                                                          null,
	                                                          pair.getPrivate());

	    System.out.println("CSR generated.");
	    
	    FileOutputStream fos = new FileOutputStream(defaultCsrPath + params.getFileNameForCertificate() + ".csr");  
	    fos.write(kpGen.getEncoded());  
	    fos.close();  

	    System.out.println("Csr saved into file.");
	    
		PKCS8EncodedKeySpec pkcs8EncodedKeySpec = new PKCS8EncodedKeySpec(
				pair.getPrivate().getEncoded());
		fos = new FileOutputStream(defaultCsrPath + params.getFileNameForCertificate() + ".key");
		fos.write(pkcs8EncodedKeySpec.getEncoded());
		fos.close();	    

	    System.out.println("Private key saved into file.");
	    
	}

}
